Astra Linux - уязвимость в netcdf

A issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxmlstr2utf8, when parsing a crafted XML file, performs zero-length reallocation in ezxml.c, resulting in a NULL pointer being returned in some compilers. After this, the function ezxmlparsestr does not check whether the s variabl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential null-ptr-dereference issue in tracearray within kprobeeventgentestexit. When testgenkprobecmd fails after kprobeeventgencmdend, it will go to delete, which will call kprobeeventdelete and releas...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4processcbupdate @ses is initialized to NULL. If nfsd4findbackchannel finds no available backchannel session, setupcallbackclient will attempt to dereference @ses, resulting in a segmentation...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi – avoid null pointer dereference in mpicmpui During NVMeTCP authentication, a controller can trigger a kernel oops by specifying the 8192-bit Diffie Hellman group and passing a correctly sized, but zeroed Diffie...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/bridge: megachips: Fixed a null pointer dereference bug When removing the module, the following warnings will be displayed: 31.911505 i2c-core: Driver stdp2690-ge-b850v3-fw Unregistered 31.912484 General protection fault,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: preventing dereferencing of ZEROSIZEPTR when numifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc, with ethsw-swattr.numifs as the element count. When the device reports zero...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: A crash occurred due to dereferencing an uninitialized pointer. Since commit 7d5e9737efda “net: rfkill: gpio: get the name and type from device property”, the rfkillfindtype function is called with the possibly...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup/dmem: Fixed a NULL pointer dereference issue when setting the max value. The following issue was triggered: BUG: NULL pointer dereference in the kernel; Address: 0000000000000000 PF: Supervisor read access in kernel mod...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: calipso: Do not call calipso functions for AFINET sockets. syzkaller reported a null-ptr-deref in txoptget. 0 The offset 0x70 refers to struct ipv6txoptions within struct ipv6pinfo. Therefore, struct ipv6pinfo was NULL there...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i3c: Added a NULL pointer check in i3cmasterqueueibi The I3C master driver may receive an IBI from a target device that has not yet been probed. In such cases, the master calls i3cmasterqueueibi to queue an IBI work task, leading...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: ipu3imggu: Fixed NULL pointer dereferencing in active selection access. The IMGu driver handled this by first acquiring the pointers to the active devices, then attempting to use V4L2 subdev functions. Only after that did ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/notify: Calling intotifyshowfdinfo on a file descriptor that watches an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing a NULL pointer. This issue was discovered by syzkaller. Race Condition...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fixed a crash that occurred when adding an interface under a latency condition. The commit 15faa1f67ab4 “lan966x: Fixed a crash that occurred when adding an interface under a latency condition” fixed a similar...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: A missing NULL pointer check was added in amdpstateupdate. Check whether the policy variable is NULL before dereferencing it in amdpstateupdate...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed a NULL dereference in ntfsupdatemftmirr. If ntfsfillsuper is not called, then sbi-sb will be equal to NULL. Code should check this pointer before dereferencing it. The issue was identified by Syzbot due to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree. If virtiogpuobjectshmeminit fails e.g., due to fault injection, as happened in the bug report by syzbot, virtiogpuarrayputfree might be called with objs being NUL...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Roles – Fixed NULL pointer issue when referencing the module’s reference. In the current design, the USB role class driver will obtain a reference to the module of the usbroleswitch object after the user selects the...

Astra Linux - уязвимость в libde265

It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the putunweightedpred16fallback function located in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix several cases of NULL pointer dereferencing during device cleanup. I also identified a few additional paths where cleanup failures occur due to a NULL version pointer on unsupported hardware. NULL checks should be...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fixed a null pointer dereferencing in ofsysconregister. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure...